The error message states: 

This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.
also
CAS9899I - TLSv1.0, TLSv1.1 and TLSv1.2 are enabled in the CCISSL task.

TLS 1.0 and TLS 1.1 were disabled, but still able to connect after that.

The settings on mainframe for CCISSL are PROT=TLS, UNSECON=NONSSL, CERT='CCI'
Parm setting is PARM='CERT=CCI,CIPHER=3DES,CLIENT_AUTH=NO,UNSECON=NONSSL'

• Output Management Web Viewer 12.1
• Common Services for z/OS MVS 15.0 (CCITCP)

The SSL/TLS connection was likely being negotiated down.

To resolve the problem, set SSL.ForceSSL=Yes in the CCI Client. This means that SSL/TLS will be enforced/employed, regardless of how the host is configured - no negotiating.